This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1. (Currently Amended) An authentication protocol for increasing safety against 
a man-in-the-middle computer access attack for point-to-point communication, between a 
client computer and a server, to services in at least one of a network for data and 
telecommunication utilizing a challenge-response pattern, comprising: 

receiving from a client computer an authentication request containing a clients 
username to a server providing said services, said server identifying said client computer IP 
address and [[a]] client password accessible by the server through the transmitted username; 

said server responding with an N byte nonce numerical value; 

said authentication request comprising receiving from said client computer a 
hash value of at least the parameters clients password, client computer unique IP address, 
server unique IP address, and said nonce value[[;]] as an authenticator for accessing said 
services; and 

receiving said hash value from said client computer as an authenticator for 
accessing said services; and 

said server reproducing said authenticator by utilizing said hash algorithm and 
the parameters clients accessible password, client computer unique IP address, server unique 
IP address, and said nonce value, comparing the reproduction with the transmitted 
authenticator, and granting an access to said server and services if said reproduced 
authenticator matches said transmitted, thus by utilizing said client computer unique IP 
address and said server unique IP address in said authenticator preventing a man-in-the- 
middle computer, having a different IP address, from addressing said server with a matching 
authenticator. 

2. (Original) The protocol according to claim 1, wherein said N byte nonce is a 
random data only generated once by a random generator and used once in said point-to-point 
communication and then discarded. 
3. (Currently Amended) The protocol according to claim 2, wherein the random 
generator is provided with a seed to produce said nonce numerical value. 

4. (Original) The protocol according to claim 3, wherein the seed is comprised of 
said password and a volatile value. 

5. (Original) The protocol according to claim 4, wherein the volatile value is a 
timestamp value or a counter value. 

6. (Original) The protocol according to claim 1, wherein said parameters are 
concatenated in an arbitrary order before said hash algorithm is applied. 

7. (Original) The protocol according to claim 1, wherein said hash algorithm is 
one of SHA-1, SHA-256, SHA-384 and SHA-512. 

8. (Original) The protocol according to claim 1, wherein said hash algorithm is 
an HMAC utilizing said password as a key. 

9. (Original) The protocol according to claim 1, wherein a salt value is 
concatenated to said password before it is hashed. 

10. (Currently Amended) An authenticator signal utilized in a protocol for 
increasing safety against a man-in-the-middle computer access attack for point-to-point 
communication, between a client computer and a server, to services in at least one of a 
network for data and telecommunication, said signal comprising: 

the hash value of at least the parameters clients password, client computer 
unique IP address, server unique IP address, and an N byte nonce value constituting said 
authenticator signal for accessing said services; and 

said authenticator signal comprising said client computer unique IP address 
and said server unique IP address, thus preventing said authenticator signal from being sent 
from a computer with a different IP address. 
11. (Original) The signal according to claim 10, wherein said N byte nonce value 
is a random data only generated once by a random generator and used once in said point-to- 
point communication and then discarded. 

12. (Currently Amended) The signal according to claim 11, wherein the random 
generator is provided with a seed to produce said nonce numerical value. 

13. (Original) The signal according to claim 12, wherein the seed is comprised of 
said password and a volatile value. 

14. (Original) The signal according to claim 13, wherein the volatile value is a 
timestamp value or a counter value. 

15. (Original) The signal according to claim 10, wherein said parameters are 
concatenated in an arbitrary order before said hash algorithm is applied. 

16. (Original) The signal according to claim 10, wherein said hash algorithm is 
one of SHA-1, SHA-256, SHA-384 and SHA-512. 

17. (Original) The signal according to claim 10, wherein said hash algorithm is an 
HMAC utilizing said password as a key. 

18. (Original) The signal according to claim 10, wherein a salt value is 
concatenated to said password before it is hashed. 

19. (Currently Amended) A medium A network for at least one of data and 
telecommunication for carrying an authenticator signal utilized in a protocol for increasing 
safety against a man-in-the-middle computer access attack for point-to-point communication, 
between a client computer and a server, to services, whereby said signal comprises the hash 
value of at least the parameters clients password, client computer unique IP address, server 
unique IP address, and an N byte nonce value constituting said authenticator signal for 
accessing said services, and said authenticator signal comprising said client computer unique 
IP address and server unique IP address, thus preventing said authenticator signal from being 
sent from a computer with a different IP address in said medium, said medium being a 
network for at least one of data and telecommunication network. 

20. (Previously Presented) A detector in a server for increasing safety against a 
man-in-the-middle computer access attack for point-to-point communication, between a 
client computer and said server, to services in at least one of a network for data and 
telecommunication utilizing a challenge-response pattern, comprising: 

detection of an authentication request containing a client's username to a 
server providing said services, said server identifying said client computer IP address and a 
client password accessible by the server through the transmitted username; 

said server responding with an N byte nonce numerical value; 

receiving a hash value of at least the parameters clients password, client 
computer unique IP address, server unique IP address, and said nonce value as an 
authenticator for accessing said services; and 

said server reproducing said authenticator by utilizing said hash algorithm and 
the parameters clients accessible password, client computer unique IP address, server unique 
IP address, and said nonce value, comparing the reproduction with the transmitted 
authenticator, whereby said detector detects a difference between the reproduction and the 
transmitted authenticator determining a man-in-the-middle computer attack. 

21. (Original) A detector according to claim 20, wherein the IP address of the 
man-in-the-middle computer is determined by reverse analyzing the transmitted authenticator 
by utilizing the reproduced correct authenticator. 
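
The server-side check recited in claims 1, 2, 8 and 20, as an added Python example that is not part of the application: the server recomputes the authenticator from the address it observed and compares. Assumptions not in the claims: N = 16, HMAC-SHA-256, length-prefixed fields, an OS random source instead of the seeded generator of claims 3 to 5, and the names `Server`, `make_authenticator` and `demo`; the password and the documentation-range addresses are constructed.

```python
import hashlib
import hmac
import secrets

NONCE_BYTES = 16  # assumption: the claims leave N unspecified


def make_authenticator(password, client_ip, server_ip, nonce):
    """HMAC-SHA-256 keyed with the password (claim 8) over both IPs and the nonce."""
    fields = (client_ip.encode(), server_ip.encode(), nonce)
    # Length-prefix each field so different inputs cannot concatenate identically.
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(password, msg, hashlib.sha256).digest()


class Server:
    def __init__(self, ip, passwords):
        self.ip = ip
        self.passwords = passwords  # username -> password bytes (constructed)
        self.pending = {}           # (username, observed IP) -> outstanding nonce

    def challenge(self, username, observed_ip):
        # OS CSPRNG here, not the password-seeded generator of claims 3-5.
        nonce = secrets.token_bytes(NONCE_BYTES)
        self.pending[(username, observed_ip)] = nonce
        return nonce

    def verify(self, username, observed_ip, authenticator):
        # pop(): the nonce is used once and then discarded (claim 2).
        nonce = self.pending.pop((username, observed_ip), None)
        password = self.passwords.get(username)
        if nonce is None or password is None:
            return False
        expected = make_authenticator(password, observed_ip, self.ip, nonce)
        return hmac.compare_digest(expected, authenticator)


def demo():
    pw, client_ip, other_ip = b"constructed-password", "192.0.2.10", "203.0.113.66"
    server = Server("198.51.100.5", {"alice": pw})
    nonce = server.challenge("alice", client_ip)
    auth = make_authenticator(pw, client_ip, server.ip, nonce)
    direct = server.verify("alice", client_ip, auth)
    replayed = server.verify("alice", client_ip, auth)  # nonce already discarded
    # Same client response, but arriving from an address it was not computed for.
    nonce = server.challenge("alice", other_ip)
    auth = make_authenticator(pw, client_ip, server.ip, nonce)
    forwarded = server.verify("alice", other_ip, auth)
    return direct, replayed, forwarded
```

When the client sits behind NAT, the address it hashes differs from the one the server observes, so the same comparison rejects it as well.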



